Why? As with any market, it’s all about supply and demand. The study, from Juniper Networks and The RAND Corporation, found that high-profile data breaches — think Target’s data hack in December — create influxes of available credit card data online. The more data available, the less valuable it becomes, especially when banks react to hacks by cancelling and replacing stolen cards.

In the wake of of a mass credit hack there’s a flood of card numbers available on the black market, even if most of them are no longer useful. In comparison, the supply of stolen social media account details rarely surges from a single event in the same way.

As the study’s authors put it:

A Twitter account costs more to purchase than a stolen credit card because the former’s account credentials potentially have a greater yield. Immediately after a large breach, freshly acquired credit cards command a higher price—as there is greater possibility for the credit cards to still be active. But after time, prices fall because the market becomes flooded…

Just how much is a hacked social media account worth on the black market? Depending on the type, costs range from $16 to $325. During a large credit card breach, the value of stolen credit card data can costs as little as $0.75 per record.

But make no mistake, being hacked is not cheap. Costs associated with the breach involving credit cards used at Target have topped $200 million for financial institutions. But when faced with the choice of going after your card number or your Twitter password, don’t be surprised if the average cyber criminal chooses the latter.